I was wondering if there was a way to check if the user is enrolled in MFA - i.e. entered their phone number - inside of a rule? From what I can tell the user object doesn’t pass around any information other than multifactor: ['guardian'], even though in the raw JSON I can see a
As far as I’m aware, you can’t check if a user is enrolled. What you can do is add a bit of data to app_metadata to signal to the rule that MFA should be required for that user (something like: "mfa_enabled": true). Then deciding to do MFA is as simple as an if statement to check for that particular value.
Yeah, we do something like that in a rule, but that gets set to trigger the MFA rule. What we want is to know when the user actually enrolls their phone number through MFA, since the user can trigger MFA but never actually enroll with their phone number.
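
The app_metadata flag check suggested in the reply above, written out as a rule body. This is an added example, not code from the thread or from Auth0; the function names requireMfaWhenFlagged and runRule and the sample users are constructed here, and the context.multifactor setting assumes the legacy Rules runtime with the Guardian provider.

```javascript
// Added example. In the Rules editor the rule itself is an anonymous
// function (user, context, callback); it is named here so it can be run
// locally against constructed user objects.
function requireMfaWhenFlagged(user, context, callback) {
  // Read the flag from app_metadata only. user_metadata is editable by the
  // user, so a flag stored there could be cleared to skip MFA.
  const meta = user.app_metadata || {};

  // Only a boolean true enables MFA; a string such as "true" is ignored.
  // The flag means "MFA is required for this user". It does not say that
  // the user has finished enrolling a phone number.
  if (meta.mfa_enabled === true) {
    context.multifactor = {
      provider: 'guardian',
      allowRememberBrowser: false
    };
  }
  return callback(null, user, context);
}

// Local harness (hypothetical helper): runs the rule once with an empty
// context and returns the context the rule passed to its callback.
function runRule(user) {
  let finalContext = null;
  requireMfaWhenFlagged(user, {}, function (err, u, ctx) {
    if (err) throw err;
    finalContext = ctx;
  });
  return finalContext;
}

// Constructed sample users.
const flagged = { user_id: 'auth0|sample1', app_metadata: { mfa_enabled: true } };
const unflagged = { user_id: 'auth0|sample2' };
const selfSet = { user_id: 'auth0|sample3', user_metadata: { mfa_enabled: true } };

console.log(runRule(flagged).multifactor);   // Guardian MFA requested
console.log(runRule(unflagged).multifactor); // undefined
console.log(runRule(selfSet).multifactor);   // undefined
```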